Tuesday, June 19, 2012

How to Setup SSH Access on a Cisco Router for Security


Telnet connections are not secure: data sent over Telnet can be read by a packet sniffer and decoded, which is a security breach. We should avoid using Telnet at all times. Instead, we can enable SSH on Cisco routers.
We need to enter global configuration mode. The first requirement is to set the router's hostname and domain name, on the basis of which the RSA key is generated.
Router(config)#hostname Akash
This sets the hostname of the Cisco router to Akash.
Akash(config)#username Akash password abc
This sets the username to Akash and the password to abc.
Akash(config)#ip domain-name routemybrain.com
Akash(config)#crypto key generate rsa general-keys modulus 1024
This generates a 1024-bit RSA key; we can set it up to 2048 bits.
After generating the keys, we need to set up a few extra things, such as the idle timeout and the maximum number of retries.
Akash(config)#ip ssh time-out 60
This timeout is in seconds.
Akash(config)#ip ssh authentication-retries 2
Akash(config)#line vty 0 184
This selects all the available lines. If you leave a single line open, hackers can exploit that.
Akash(config-line)#transport input ssh telnet
This last command is very important: it enables both Telnet and SSH. If you want to enable only SSH on the Cisco router, type:
Akash(config-line)#transport input ssh
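
An added example, not part of the original post: a small Python check that reads a saved running-config and reports every vty range whose transport input is not limited to SSH, which is the gap the last two commands address. The sample config is constructed, and treating a missing transport input line as a finding is an assumption, since the default depends on the IOS release.

```python
import re

# Constructed running-config excerpt (not captured from a real device).
SAMPLE_CONFIG = """\
hostname Akash
ip domain-name routemybrain.com
ip ssh time-out 60
ip ssh authentication-retries 2
!
line con 0
line vty 0 4
 transport input ssh telnet
line vty 5 15
 transport input ssh
line vty 16 184
 exec-timeout 5 0
!
end
"""

VTY_RE = re.compile(r"^line vty (\d+)(?: (\d+))?\s*$")


def audit_vty_transport(config_text):
    """Return (first, last, problem) for each vty range not limited to SSH."""
    blocks = []      # [first_line, last_line, protocols or None]
    in_vty = False
    for line in config_text.splitlines():
        m = VTY_RE.match(line)
        if m:
            first = int(m.group(1))
            blocks.append([first, int(m.group(2) or first), None])
            in_vty = True
        elif not line.startswith(" "):
            in_vty = False   # any unindented line closes the vty block
        elif in_vty and line.strip().startswith("transport input"):
            blocks[-1][2] = set(line.split()[2:])
    findings = []
    for first, last, protocols in blocks:
        if protocols is None:
            # Assumption: flag for review, the default varies by IOS release.
            findings.append((first, last, "no transport input line"))
        elif protocols - {"ssh", "none"}:
            extra = sorted(protocols - {"ssh", "none"})
            findings.append((first, last, "allows " + ",".join(extra)))
    return findings


if __name__ == "__main__":
    for first, last, problem in audit_vty_transport(SAMPLE_CONFIG):
        print(f"line vty {first} {last}: {problem}")
```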